package group.itk.vuelogintestbackend.config

import group.itk.vuelogintestbackend.login.shiro.UserRealm
import org.apache.shiro.realm.AuthorizingRealm
import org.apache.shiro.spring.web.ShiroFilterFactoryBean
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition
import org.apache.shiro.web.mgt.DefaultWebSecurityManager
import org.springframework.beans.factory.annotation.Qualifier
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration

@Configuration
class ShiroConfig {

    @Bean
    fun userRealm(): UserRealm {
        return UserRealm()
    }

    @Bean("securityManager")
    fun getDefaultWebSecurityManager(
        @Qualifier("userRealm") realm: AuthorizingRealm
    ): DefaultWebSecurityManager {
        return DefaultWebSecurityManager().apply {
            setRealm(realm)
        }
    }

    @Bean("shiroFilterFactoryBean")
    fun getShiroFilterFactoryBean(
        @Qualifier("securityManager") defaultWebSecurityManager: DefaultWebSecurityManager,
        @Qualifier("shiroFilterChainDefinition") shiroFilterChainDefinition: ShiroFilterChainDefinition
    ): ShiroFilterFactoryBean {
        return ShiroFilterFactoryBean().apply {
            securityManager = defaultWebSecurityManager
            /*
              anon：无需认证
              authc：必须认证
              user：必须拥有 记住我 功能才能用
              perms：拥有对某个资源的权限才能访问
              role：拥有某个角色权限才能访问
            */
            filterChainDefinitionMap = shiroFilterChainDefinition.filterChainMap

        }
    }

    @Bean("shiroFilterChainDefinition")
    fun shiroFilterChainDefinition(): ShiroFilterChainDefinition {
        return DefaultShiroFilterChainDefinition().apply {

        }
    }

}
